PT-2023-28448 · Samsung · Samsung Data Store

Wang Kailong

Publicado

2023-12-04

Atualizado

2023-12-11

CVE-2023-42578

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Samsung Data Store versions prior to 5.2.00.7

Description The issue is related to improper handling of insufficient permissions or privileges, allowing remote attackers to access location information without permission.

Recommendations For versions prior to 5.2.00.7, update to version 5.2.00.7 or later to resolve the issue. As a temporary workaround, consider restricting access to location information until the update is applied.

Correção

Improper Handling of Exceptional Conditions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-755

Identificadores relacionados

CVE-2023-42578

Produtos afetados

Samsung Data Store

PT-2023-28448 · Samsung · Samsung Data Store

CVE-2023-42578

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6